Cross-Site Request Forgery (CSRF) are a type of security attacks that may cause user accounts to be abused, so attackers can make users perform actions inadvertently in a vulnerable site and cause serious problems to the users and the sites.

There is a new proposal for PHP 7.1 to provide built-in semi-automatic protection against CSRF attacks, so it will be easier for PHP developers to protect the sites they develop against this type of exploit.